Reputation: 3657
Firestore Storage/GCS How to structure data for user privacy
Trying to workout how I should be storing files each users uploaded files. The files need to be private so only the person who uploaded it can read/write.
My question is, should I be creating one bucket per userId and securing the bucket to that user, or am I supposed to dump everything in a single bucket and make use of the GCS ACL permissions on each file?
Putting each users files in their own bucket seems to make sense but just looking for some clarification around best practises.
Upvotes: 0
Views: 266
Answers (1)
Reputation: 317392
In general, there is no need to create a new bucket for each user. That will not scale (in terms of effort) as you'll spend a lot of time administering all these buckets.
You should start with the documentation on Cloud Storage security rules. Especially the page on user based security. You use security rules to determine who can do what to the various files in storage. How you actually write those rules is going to depend on how you want to structure the files. Typically you use the Firebase Auth user id in the path of the files, and you use a wildcard in the rules to protect based on that uid.
Upvotes: 2
Related Questions
- Firebase - organizing shareable data?
- Best way to store user-specific data in Firestore
- Firestore data structure for two use cases
- Need advice for how to structure my data in Firestore
- How to organize user's data in FireStore
- Firebase / Firestore how to store user data
- Firestore - proper NoSQL structure for user-specific data
- Best Practice to keep user data in firebase firestore?
- Cloud Firestore Data Structure
- Firebase - Firestore data structure